The present invention relates to the management of terminals, such as portable terminals. The present invention relates more specifically to managing and improving the security of these devices. The present invention relates even more specifically to a technique for propagating authentication between a plurality of terminals connectable to a server via a network.
Services that use the internet to manage personal information such as names, addresses and telephone numbers, and payment information such as credit card numbers and expiration dates, have proliferated. Authenticating the users of these services is critically important from the standpoint of security.
In order to prevent the divulging of sensitive information from portable terminals such as smartphones, mobile phones, tablets, personal digital assistants (PDAs), notebook computers and gaming consoles, users are prompted during login to set a strong password, that is, a password of a predetermined length which combines letters and numbers. However, to avoid the hassle of frequently entering such a password into a portable terminal, users often set lock timers with a long period of time or choose easy passwords. In such an environment, the risk of sensitive information such as personal information or payment information being divulged from a portable terminal is higher.
Multiple terminals (such as portable terminals and desktop computers) are often used in a business setting. Individual passwords are usually established for each device. This means a user has to enter a password each time a terminal is used, which may make using these devices burdensome.
Japanese laid-open Patent Publication No. 2010-165264 describes a method for synchronizing data stored in a plurality of portable terminals via a synchronizing server device connected to and communicating with each terminal (claim 1). FIG. 2 (a) in the patent publication shows how data is synchronized by placing mobile phone 11a and mobile phone 11b together and shaking them (paragraphs 0037 and 0041-0086), and FIG. 2 (b) in the same document shows how data is synchronized by bringing mobile phone 12a and mobile phone 12b into contact with each other (paragraphs 0038 and 0087-0097).
Japanese laid-open Patent Publication No. 2011-133951 describes an authentication inheriting system in which an authentication session ID for uniquely identifying the authentication of a user in the system is managed with the user's ID for a wired or wireless communication environment connected to a predetermined terminal which the user may switch to and use at a later time. When the user has switched environments, the environment ID is acquired, and the user's authentication in the previous environment is acquired from the authentication session ID connected to the environment ID (paragraph 0011).
Japanese laid-open Patent Publication No. 2009-239431 describes an intermediation system in which there are two terminals desiring intermediation for communication and a server connected to the terminals via a network. The two terminals send an intermediation request to the server which includes the proximity determining information acquired by each terminal for determining the proximity of the terminals to each other and identification information related to the terminals. When the intermediation request has been received, the server compares the proximity determining information from the two terminals. When the terminals are close to each other, the server generates a predetermined authentication code, and replies to the two terminals. When authentication results are received from the two terminals indicating that the authentication codes matched, intermediation is performed between the two terminals (claim 1).
Japanese laid-open Patent Publication No. 2007-219935 describes a distribution system for distributed authentication management that allows for continuous use of a service and reduces the number of times a user has to perform authentication even when a terminal including more than one communication means changes communication means while a service is being provided (abstract).
Japanese laid-open Patent Publication No. 2008-097203 describes a method for locking the operation of a personal computer when a user is away from his or her seat (abstract).
Japanese laid-open Patent Publication No. 2007-328674 describes a method that reliably prevents information leaks and tampering with a portable memory device as well as unauthorized use of a portable memory device, and that reliably prevents unauthorized connection of a portable memory device to a network by a third party (abstract).
Japanese laid-open Patent Publication No. 2006-099217 describes a method for preventing unauthorized use of an IC card and for notifying a user that the card has been left behind or stolen (abstract).
Online document “The Bump App for iPhone and Android”, published by Apple, Inc., describes an application that allows contact information, photographs, messages, music, SNS contacts and event calendars to be shared simply by grasping the terminals and bumping them together.
Document “Liberty ID-WSF Multi-Device SSO Deployment Guide Version: 1.0-02”, published by Liberty Alliance Project, 2008, describes how an SSO (single sign on) is inherited when a user switches communication devices.